Kategorie

It's a sad fact that we end up seeing warnings about warnings in the aftermath of a major cybersecurity event

Jedno z největších amerických novinových vydavatelství Gannet Co, do jehož portfolia patří i deník USA Today, napadli hackeři a získali citlivá data o 18 tisících současných i dřívějších zaměstnancích. K průniku do vnitřní sítě vydavatelství došlo prostřednictvím phishingové zprávy, kterou pachatel zaslal na oddělení lidských zdrojů společnosti, uvedl server WeLiveSecurity.com.

After the discovery of a critical vulnerability that could have allowed hackers to view private Yahoo Mail images, Yahoo retired the image-processing library ImageMagick. ImageMagick is an open-source image processing library that lets users resize, scale, crop, watermarking and tweak images. The tool is supported by PHP, Python, Ruby, Perl, C++, and many other programming languages. This

Enlarge (credit: Health Service Journal)

Researchers have found more digital fingerprints tying this month's WCry ransomware worm to the same prolific hacking group that attacked Sony Pictures in 2014 and the Bangladesh Central Bank last year.

Last week, a researcher at Google identified identical code found in a WCry sample from February and an early 2015 version of Contopee, a malicious backdoor used by the hacking team Lazarus Group. The group has been operating since at least 2011. Additional fingerprints linked Lazarus Group to hacks that wiped almost a terabyte's worth of data from Sony Pictures and siphoned a reported $81 million from the Bangladesh Central Bank last year. Researchers say Lazarus Group carries out hacks on behalf of North Korea.

On Monday, researchers from security firm Symantec presented additional evidence that further builds the case that WCry, which is also known as WannaCry, is closely linked to Lazarus Group. The evidence includes:

Read 3 remaining paragraphs | Comments

The country's top cybersecurity boss said the country is headed the wrong way when it comes to cybersecurity.

Experti OSN vyšetřující porušování sankčních podmínek uvalených na Severní Koreu jsou terčem kybernetických útoků, za kterými stojí hackeři s velmi dobrým přehledem o jejich práci. OSN to uvádí v interním varovném e-mailu, napsala v pondělí agentura Reuters.

Enlarge (credit: BenGrantham)

For years, Yahoo Mail has exposed a wealth of private user data because it failed to update widely used image-processing software that contained critical vulnerabilities. That's according to a security researcher who warned that other popular services are also likely to be leaking sensitive subscriber secrets.

Chris Evans, the researcher who discovered the vulnerabilities and reported them privately to Yahoo engineers, has dubbed them "Yahoobleed" because the vulnerabilities caused the site to bleed contents stored in server memory. The easy-to-exploit flaws resided in ImageMagick, an image-processing library that's supported by PHP, Ruby, NodeJS, Python, and about a dozen other programming languages. One version of Yahoobleed was the result of Yahoo failing to install a critical patch released in January 2015. A second Yahoobleed vulnerability was the result of a bug that ImageMagick developers fixed only recently after receiving a private report from Evans.

The vulnerability discovered by Evans could be exploited by e-mailing a maliciously manipulated image file to a Yahoo Mail address. After opening the 18-byte file, chunks of Yahoo server memory began leaking to the end user. Evans called this version of the attack "Yahoobleed1." "Yahoobleed2" worked by exploiting the vulnerability fixed in January 2015.

Read 4 remaining paragraphs | Comments

Verizon patched late last year persistent- DOM-based cross-site scripting vulnerabilities in its Message+ messaging client that could allow an attacker to control a user's session.

Your daily round-up of some of the other stories in the news

A worm called EternalRocks has been spreading seven Windows SMB exploits leaked by the ShadowBrokers, including EternalBlue, which was used to spread WannaCry.

** WannaCry se masivně rozšířil kvůli zranitelnosti ve Windows ** Ta mu umožnila, aby se pokusil sám napadnout další počítače ** Jenže ta chyba už je dva měsíce opravená!

Judge rules images found on a defendant's hard drive inadmissible - but bats away contention that he had an expectation of privacy when he passed his PC to Geek Squad

A security researcher has identified a new strain of malware that also spreads itself by exploiting flaws in Windows SMB file sharing protocol, but unlike the WannaCry Ransomware that uses only two leaked NSA hacking tools, it exploits all the seven. Last week, we warned you about multiple hacking groups exploiting leaked NSA hacking tools, but almost all of them were making use of only two

WannaCry may be behind us, but fears that the crooks might create new malware from the NSA's stash of exploits seem to be coming true

Hencha Voigt and her partner Wesley Victor were unable to unlock their phones despite the judge's order - and the case highlights some inconsistencies in the law

Time is running out - are you ready for GDPR? We've got some guidance for you

Jaya Baloo, CISO of KPN, the Netherlands’ leading telecommunications provider, talks to Mike Mimoso about the WannaCry ransomware outbreak and how large network providers and enterprises must contend with advanced attacks.

Twitter has tweaked its settings so that you can see what it thinks you're interested in so that advertisers can target you

1. Introduction On 12th of May 2017, unknown hackers launched a large-scale global ransomware attack. It affected more than 230,000 computers. The ransomware (WanaCrypt0r 2.0) used for conducting the attack was based on the EternalBlue exploit created by the U.S. National Security Agency (NSA). Although in March 2017 Microsoft released a security patch addressing the […]

The post Why Was Wanacrypt0r 2.0 So Successful? appeared first on InfoSec Resources.

With the disturbing facts that the hackers are actively breaching our computer systems and stealing our critical data and corporate information, it is required to build a strong network and security infrastructure before expanding the businesses and startups should look ahead in this regard as they are the easiest prey. We have seen many cyber-security […]

The post 5 Key Steps to Survive as a Cyber Security Startup appeared first on InfoSec Resources.